The consumer version of Office 2007, released only four weeks ago, have come under the hammer of researchers at eEye Digital Security, which claims to have spotted a “highly critical” security vulnerability, regardless of Microsoft’s attempts to put forward its highly protected version up till now of the productivity software.
The recently launched Office 2007 had been brought about to hold up higher scrutiny by pernicious code writers, as Microsoft subjected the software to code auditors as part of its security development lifecycle. However experts at eEye Digital Security detected file format susceptibility in Microsoft Office Publisher 2007, which might be misused to allow an outsider sprint code on a compromised PC.
Ross Brown, eEye’s chief executive said;
We were surprised we could find a flaw so quickly (after Office 2007 launched) and one that was part of their core products.
An attacker could create a malicious publisher file, he said. Once the recipient opens the file, he or she could find the system infected and susceptible to a remote attack.
